how to block my lan to surf adult site?

i have a linux router...in my linux router...i have snort, firewall script...my second nic is connected to switch and then from switch to my LAN...so i want if on of the client in LAN typing something at webbrowser such as XXX...so the page will be replace with a page that i create my own self...is that possible?
operation1612Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

blklineCommented:
What you want to do is install a proxy.  Check out "squid" at

http://www.squid-cache.org
0
operation1612Author Commented:
you mean install a proxy in my gateway?...that mean i will have to open port for proxy?...
0
operation1612Author Commented:
at least i dont want any another port to be open in my linux router...unless there is no other choice...thanks
0
INTRODUCING: WatchGuard's New MFA Solution

WatchGuard is proud to announce the launch of AuthPoint, a powerful, yet simple, Cloud-based MFA service designed to eliminate the vulnerabilities that put your data, systems, and users at risk.

blklineCommented:
Squid is a proxy that you can install in the same box.  What you can do is intercept http requests coming from the inside network, look at what is being requested and then reply appropriately.  

There doesn't have to be any additional ports open from the outside to accomplish this (or the inside either, for that matter).
0
ahoffmannCommented:
install squid (or whatever proxy you like), then use iptables to redirect any outbound traffic to squid, ready.
0
aimhighCommented:
I run DansGuardian on top of Squid as a content filter system like so:

user -> dansguardian:3128  -> (good) squid:80 -> Internet
                      |
                      V
                   (bad) blocked page that I crafted from the available template

Follow that up with iptables to block direct connect and use the squidguard ruleset that very easily integrates with DansGuardian and you have a pretty darn good content filter system.

Alternatively, you can leave the squid off (i.e. no caching) and simply just use dansguardian as a filter.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Peeyush_MauryaCommented:
dansguradian is definetaly good but sometimes it slow down the internet speed...

use squid and its ACL
go through this link and u can block any site to some and allow some... through this u can do anything u want in a proxy server ..... squid alone is very powerfull...
http://www.linux-faqs.com/Forum/viewtopic.php?t=28
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Security

From novice to tech pro — start learning today.